Home

About Us

IT Services

Understanding IT

News & Events

Blog

Support

Contact Us

Blog
  • Register

Capstone Works Blog

Capstone Works, Inc. has been serving the Cedar Park area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

3 Huge Unexpected Cybersecurity Risks Your Staff Needs to Know About, Today

3 Huge Unexpected Cybersecurity Risks Your Staff Needs to Know About, Today

Most people these days are somewhat familiar with the traditional attack vectors of cybercriminals. Because of this, the bad guys are always exploring alternative options for spreading malware and stealing data, often in places where you would least expect it.

Here are three unexpected cybersecurity risks that you and your staff need to be aware of.

QR Codes Can Be Dangerous

QR codes are those black and white square barcodes that started to become popular again during the pandemic, as restaurants would often use them to display digital menus to prevent the spread of germs on traditional paper or plastic menus.

It’s pretty likely that the QR codes the wait staff is handing out are safe, but a QR code is really nothing more than a website address, or in some cases a bit of text or some other small amount of code. When you scan it with your phone, your phone simply goes to that website address or reads the text or runs the code. It doesn’t take any effort to produce a QR code—they can be produced automatically or with free tools online. 

What makes them potentially dangerous is that someone with bad intentions can easily take a malicious URL and create a QR code that leads people to it.

Here’s a hypothetical situation—many TSA checkpoints at airports offer to upsell travelers to skip the line. Usually they offer QR codes to scan while you are standing there waiting in line to try to get you to commit to the upsell. It wouldn’t be very complicated for someone to print off their own QR code that leads to a website that they created that looks like a TSA login, getting you to submit account information or make a quick transaction thinking it will get you through the line faster. If someone were to make their own QR code as a large sticker and cover up the correct QR code on some of the signage, it might take the TSA hours, or days, or longer before realizing what is happening.

This is just one example, so it’s best to stay vigilant. We’re not saying you shouldn’t scan any QR code, but only scan them when you are certain they are going to do what they are meant to do.

Bitly and Short Links Can Pack a Harmful Surprise

This isn’t really anything new. Ever since URL shorteners like Bitly and TinyURL have existed, people have been using them for nefarious purposes. These tools are really handy, because if you are using your website for marketing, you can drive people to a specific page with a URL that is much shorter and easier to type by using URL shorteners. 

It’s just as easy for someone with bad intentions to take a malicious URL and shorten it to make it look more trustworthy. For example, one could make a website that looks like a local credit union, and create a short URL with Bitly and then share it with local users. To entice people to click on it and submit their banking information, it could be texted to local numbers with a message like “Alert - we’ve detected suspicious activity with one of your bank accounts. Please log in to review your account.” and then include the fake link.

It’s important to be skeptical of links like this, especially when they come with urgent messaging that is trying to get you to react without thinking clearly.

Lost Portable Storage Devices and USB Thumb Drives Aren’t Worth Recovering

If you ever stumble across a random USB thumb drive or some other storage medium like a portable hard drive, your first instinct might be to plug it in and see what’s on it.

There are a lot of ways this can go south.

First, USB thumb drives are generally very cheap these days. You can order a bulk of 50 of them for around $60 on Amazon right now. For a novice criminal, it’s a very cost effective way to infiltrate a network with the right tools.

Most people are familiar with ransomware. Just in case, ransomware is a type of cyberattack that quickly locks down vast amounts of data on a device and the only way to get it back is to pay a ransom to the cybercriminals anonymously. Once a system or network is infected by ransomware, it’s pretty much impossible to clean it up without relying on a full backup restore, or submitting to the criminals and paying the ransom. 

Now let’s stop right there and ask a fun question—do you ever wonder where all this malware and ransomware comes from? 

As it turns out, a lot of modern ransomware is just software that criminals can buy and distribute. A criminal can purchase the software they need to deploy and manage ransomware campaigns off the Darkweb, and the software itself can run for as little as $20 to $50.

So for around (or less than) $100, a novice cybercriminal can load up 50 thumb drives with ransomware and drop them in office lobbies, parking lots, leave them on public transportation, or even toss them onto the desk of a receptionist who isn’t looking. As soon as the drive is plugged into a PC, it deploys the ransomware and immediately takes over the network until you pay.

The Typical End User Has a Lot to Watch Out For

These were some unexpected threats that can cause a lot of havoc on a business, but the traditional threats like phishing attacks, malware, sketchy email attachments, dangerous links, and more are still a problem that your staff needs to keep an eye out for. 

The best solution is providing ongoing training and to make sure that your network and the devices on it are protected. At Capstone Works, we can help make sure your network is secure, and we offer solutions to help train and protect your employees, whether they are working within the office, remote, or a hybrid of both. 


Let’s talk about protecting your business so that you can focus on running it. Give us a call today at (512) 343-8891.

Could Your Business Survive a Ransomware Attack?
Benefits of Outsourcing Managed IT Services
Comment for this post has been locked by admin.
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, November 21, 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Passwords today Remote Tech Support Two-Factor Authentication BDR Privacy Social Media right time web application Small Business Computer Gadgets IT support Internet HIPAA best practices COVID-19 Server AutoCAD EMR spam Current Events employees Cloud services Data Recovery business owners Content Filtering Vendor devices Remote Workers Managed IT Business Cybersecurity Break/fit Hosted Solutions SCAMS Architect IT Cloud Computing Managed Services Apple Backup Workplace Strategies Saving Money File Folder Quick Tips AI Communication UPS IT Services cloud Innovation Marketing Malware smart devices hackers Ransomware January 28 Tip of the Week Business continuity IoT Email Network Security sports teams Servers Productivity User Tips Security Outsourced IT Mobile Office comprehensive IT Delightful IT Support media accounts phishing cybersecurity tools Engineering Co-managed IT Business Continuity Clutch 365 features Hardware Microsoft Office 365 Users Shadow Cloud Communications Data business Disaster Recovery Passwords Cloud computing Workplace Strategy Network Saving money Best Practices Technology managed IT Cyberattack accounts need Health Password Workplace Tips Software Broadband Recovery 2FA Remote Work AWS password protection cybersecurity Microsoft Teams business continuity Microsoft Managed Service high-threat environment Disaster Planning surge protection Common password content Efficiency Data Privacy Day New Year Windows application employees download VoIP Compliance Microsoft Office

Latest News & Events

Capstone Works is proud to announce the launch of our new website at https://www.capstoneworks.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what Capstone Works can do for your business.

Call Us Today
Call us today
(512) 343-8891

715 Discovery Blvd
Suite 511

Cedar Park, Texas 78613